<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
                      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8"/>
    <title>Open ID Authentication - Zend Framework Manual</title>

    <link href="../css/shCore.css" rel="stylesheet" type="text/css" />
    <link href="../css/shThemeDefault.css" rel="stylesheet" type="text/css" />
    <link href="../css/styles.css" media="all" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Zend Framework</h1>
<h2>Programmer's Reference Guide</h2>
<ul>
    <li><a href="../en/zend.auth.adapter.openid.html">Inglês (English)</a></li>
    <li><a href="../pt-br/zend.auth.adapter.openid.html">Português Brasileiro (Brazilian Portuguese)</a></li>
</ul>
<table width="100%">
    <tr valign="top">
        <td width="85%">
            <table width="100%">
                <tr>
                    <td width="25%" style="text-align: left;">
                    <a href="zend.auth.adapter.ldap.html">LDAP Authentication</a>
                    </td>

                    <td width="50%" style="text-align: center;">
                        <div class="up"><span class="up"><a href="zend.auth.html">Zend_Auth</a></span><br />
                        <span class="home"><a href="manual.html">Programmer's Reference Guide</a></span></div>
                    </td>

                    <td width="25%" style="text-align: right;">
                        <div class="next" style="text-align: right; float: right;"><a href="zend.barcode.html">Zend_Barcode</a></div>
                    </td>
                </tr>
            </table>
<hr />
<div id="zend.auth.adapter.openid" class="section"><div class="info"><h1 class="title">Open ID Authentication</h1></div>
    

    <div class="section" id="zend.auth.adapter.openid.introduction"><div class="info"><h1 class="title">Introduction</h1></div>
        

        <p class="para">
            The <span class="classname">Zend_Auth_Adapter_OpenId</span> adapter can be used to authenticate
            users using remote OpenID servers. This authentication method assumes that the user
            submits only their OpenID identity to the web application. They are
            then redirected to their OpenID provider to prove identity ownership
            using a password or some other method. This password is never provided to
            the web application.
        </p>

        <p class="para">
            The OpenID identity is just a <acronym class="acronym">URI</acronym> that points to a web site
            with information about a user, along with special tags that
            describes which server to use and which identity to submit there.
            You can read more about OpenID at the
            <a href="http://www.openid.net/" class="link external">&raquo; OpenID official site</a>.
        </p>

        <p class="para">
            The <span class="classname">Zend_Auth_Adapter_OpenId</span> class wraps
            the <span class="classname">Zend_OpenId_Consumer</span> component, which implements the
            OpenID authentication protocol itself.
        </p>

        <blockquote class="note"><p><b class="note">Note</b>: 
            <p class="para">
                <span class="classname">Zend_OpenId</span> takes advantage of the <a href="http://php.net/gmp" class="link external">&raquo; GMP extension</a>, where available. Consider
                enabling the <acronym class="acronym">GMP</acronym> extension for better performance when using
                <span class="classname">Zend_Auth_Adapter_OpenId</span>.
            </p>
        </p></blockquote>
    </div>

    <div class="section" id="zend.auth.adapter.openid.specifics"><div class="info"><h1 class="title">Specifics</h1></div>
        

        <p class="para">
            As is the case for all <span class="classname">Zend_Auth</span> adapters, the
            <span class="classname">Zend_Auth_Adapter_OpenId</span> class implements
            <span class="classname">Zend_Auth_Adapter_Interface</span>, which defines one method:
             <span class="methodname">authenticate()</span>. This method performs the authentication itself,
            but the object must be prepared prior to calling it. Such adapter preparation includes
            setting up the OpenID identity and some other <span class="classname">Zend_OpenId</span>
            specific options.
        </p>

        <p class="para">
            However, as opposed to other <span class="classname">Zend_Auth</span> adapters,
            <span class="classname">Zend_Auth_Adapter_OpenId</span> performs authentication on an external
            server in two separate <acronym class="acronym">HTTP</acronym> requests. So the
             <span class="methodname">Zend_Auth_Adapter_OpenId::authenticate()</span> method must be called
            twice. On the first invocation the method won&#039;t return, but will redirect the user to
            their OpenID server. Then after the user is authenticated on the remote server, they
            will be redirected back and the script for this second request must call
             <span class="methodname">Zend_Auth_Adapter_OpenId::authenticate()</span> again to verify the
            signature which comes with the redirected request from the server to complete the
            authentication process. On this second invocation, the method will return the
            <span class="classname">Zend_Auth_Result</span> object as expected.
        </p>

        <p class="para">
            The following example shows the usage of
            <span class="classname">Zend_Auth_Adapter_OpenId</span>. As previously mentioned, the
             <span class="methodname">Zend_Auth_Adapter_OpenId::authenticate()</span> must be called two
            times. The first time is after the user submits the <acronym class="acronym">HTML</acronym> form with
            the <var class="varname">$_POST[&#039;openid_action&#039;]</var> set to <em class="emphasis">&quot;login&quot;</em>,
            and the second time is after the <acronym class="acronym">HTTP</acronym> redirection from OpenID server
            with <var class="varname">$_GET[&#039;openid_mode&#039;]</var> or
            <var class="varname">$_POST[&#039;openid_mode&#039;]</var> set.
        </p>

        <pre class="programlisting brush: php">
&lt;?php
$status = &quot;&quot;;
$auth = Zend_Auth::getInstance();
if ((isset($_POST[&#039;openid_action&#039;]) &amp;&amp;
     $_POST[&#039;openid_action&#039;] == &quot;login&quot; &amp;&amp;
     !empty($_POST[&#039;openid_identifier&#039;])) ||
    isset($_GET[&#039;openid_mode&#039;]) ||
    isset($_POST[&#039;openid_mode&#039;])) {
    $result = $auth-&gt;authenticate(
        new Zend_Auth_Adapter_OpenId(@$_POST[&#039;openid_identifier&#039;]));
    if ($result-&gt;isValid()) {
        $status = &quot;You are logged in as &quot;
                . $auth-&gt;getIdentity()
                . &quot;&lt;br&gt;\n&quot;;
    } else {
        $auth-&gt;clearIdentity();
        foreach ($result-&gt;getMessages() as $message) {
            $status .= &quot;$message&lt;br&gt;\n&quot;;
        }
    }
} else if ($auth-&gt;hasIdentity()) {
    if (isset($_POST[&#039;openid_action&#039;]) &amp;&amp;
        $_POST[&#039;openid_action&#039;] == &quot;logout&quot;) {
        $auth-&gt;clearIdentity();
    } else {
        $status = &quot;You are logged in as &quot;
                . $auth-&gt;getIdentity()
                . &quot;&lt;br&gt;\n&quot;;
    }
}
?&gt;
&lt;html&gt;&lt;body&gt;
&lt;?php echo htmlspecialchars($status);?&gt;
&lt;form method=&quot;post&quot;&gt;&lt;fieldset&gt;
&lt;legend&gt;OpenID Login&lt;/legend&gt;
&lt;input type=&quot;text&quot; name=&quot;openid_identifier&quot; value=&quot;&quot;&gt;
&lt;input type=&quot;submit&quot; name=&quot;openid_action&quot; value=&quot;login&quot;&gt;
&lt;input type=&quot;submit&quot; name=&quot;openid_action&quot; value=&quot;logout&quot;&gt;
&lt;/fieldset&gt;&lt;/form&gt;&lt;/body&gt;&lt;/html&gt;
*/
</pre>


        <p class="para">
            You may customize the OpenID authentication process in several way.
            You can, for example, receive the redirect from the OpenID server on a separate page,
            specifying the &quot;root&quot; of web site and using a custom
            <span class="classname">Zend_OpenId_Consumer_Storage</span> or a custom
            <span class="classname">Zend_Controller_Response</span>. You may also use
            the Simple Registration Extension to retrieve information about
            user from the OpenID server. All of these possibilities are described
            in more detail in the <span class="classname">Zend_OpenId_Consumer</span>
            chapter.
        </p>
    </div>
</div>
        <hr />

            <table width="100%">
                <tr>
                    <td width="25%" style="text-align: left;">
                    <a href="zend.auth.adapter.ldap.html">LDAP Authentication</a>
                    </td>

                    <td width="50%" style="text-align: center;">
                        <div class="up"><span class="up"><a href="zend.auth.html">Zend_Auth</a></span><br />
                        <span class="home"><a href="manual.html">Programmer's Reference Guide</a></span></div>
                    </td>

                    <td width="25%" style="text-align: right;">
                        <div class="next" style="text-align: right; float: right;"><a href="zend.barcode.html">Zend_Barcode</a></div>
                    </td>
                </tr>
            </table>
</td>
        <td style="font-size: smaller;" width="15%"> <style type="text/css">
#leftbar {
	float: left;
	width: 186px;
	padding: 5px;
	font-size: smaller;
}
ul.toc {
	margin: 0px 5px 5px 5px;
	padding: 0px;
}
ul.toc li {
	font-size: 85%;
	margin: 1px 0 1px 1px;
	padding: 1px 0 1px 11px;
	list-style-type: none;
	background-repeat: no-repeat;
	background-position: center left;
}
ul.toc li.header {
	font-size: 115%;
	padding: 5px 0px 5px 11px;
	border-bottom: 1px solid #cccccc;
	margin-bottom: 5px;
}
ul.toc li.active {
	font-weight: bold;
}
ul.toc li a {
	text-decoration: none;
}
ul.toc li a:hover {
	text-decoration: underline;
}
</style>
 <ul class="toc">
  <li class="header home"><a href="manual.html">Programmer's Reference Guide</a></li>
  <li class="header up"><a href="manual.html">Programmer's Reference Guide</a></li>
  <li class="header up"><a href="reference.html">Zend Framework Reference</a></li>
  <li class="header up"><a href="zend.auth.html">Zend_Auth</a></li>
  <li><a href="zend.auth.introduction.html">Introduction</a></li>
  <li><a href="zend.auth.adapter.dbtable.html">Database Table Authentication</a></li>
  <li><a href="zend.auth.adapter.digest.html">Digest Authentication</a></li>
  <li><a href="zend.auth.adapter.http.html">HTTP Authentication Adapter</a></li>
  <li><a href="zend.auth.adapter.ldap.html">LDAP Authentication</a></li>
  <li class="active"><a href="zend.auth.adapter.openid.html">Open ID Authentication</a></li>
 </ul>
 </td>
    </tr>
</table>

<script type="text/javascript" src="../js/shCore.js"></script>
<script type="text/javascript" src="../js/shAutoloader.js"></script>
<script type="text/javascript" src="../js/main.js"></script>

</body>
</html>